API Token authentication for Iframe

I’m attempting to pass an API token for a user to grafana from our own internal website so that the main gui renders in an iframe. We don’t want the users to have to log into grafana after they have logged into our site, so we are creating their users in grafana, building an API token and attaching that to the user for our website. When the user goes to the page that has the grafana iframe, we are sending an ajax get request with the token so grafana renders the main dashboards with the users information.

If we do just a standard iframe everything works fine and we render inside the frame. We can get to the login page and do everything we need to. When I add the token so we don’t need to authenticate nothing renders and I see no errors/logs on either grafana or the website. If I send an invalid token I see the expected “401 invalid Api key” error on both the website and the grafana logs. This is what I’m sending from the website…

<div class="content">
    <div class="container-fluid" id="container">

    url: "{{url}}",
    type: "GET",
    beforeSend: function(xhr){
        xhr.setRequestHeader('Accept', 'application/json');
        xhr.setRequestHeader('Authorization', 'Bearer {{token}}');
    success: function(r) { 

With the above nothing happens, I get no errors or logs. If I keep everything else the same and just adjust the token to make it invalid, grafana says it is invalid, so I know it is making it to the server. Why is nothing coming back to be rendered?


1 Like

This post is about a month old and I’m just wondering if anyone from Grafana is going to respond.

I’m here because Marcus Efraimsson is telling people on GitHub to post their questions in the community forums. Is there any support here?

Thank you.